The dns-logger provides a lightweight, vendor-agnostic method for organizations to capture detailed DNS query and response activity. It captures both UDP- and TCP-based DNS messages, forwarding them in real time to one of several configured targets. Messages are formatted using either JSON or Syslog, allowing easy integration with SIEM or Syslog infrastructures. The dns-logger does not rely on third-party drivers and does not require users to enable DNS server logging, which in many cases affects server performance.
This document contains information pertinent to this release of the NoSpaceships Ltd dns-logger product (dns-logger).
This document is aimed at all users of the dns-logger.
NOTE: This is the very first public release of the dns-logger; therefore, information in this document is limited.
The following files make up this release (where <version> is the version of
dns-logger-<version>-linux.bin - Installer for Red Hat/CentOS 6 and onwards
dns-logger-<version>-windows.exe - Installer for Windows 2008 and onwards
Currently there is no new functionality to mention.
| 140 | 2.2.3 | Statically compile in standard library on Windows |
| 138 | 2.2.3 | Multiple raw socket capture sessions started for interfaces that have multiple IP addresses assigned |
Currently there are no known issues.